Commit e9cf2a5b authored by Stephane Glondu

Change default group parameters and import FIPS generation script

parent f110ed04
{"g":"14887492224963187634282421537186040801304008017743492304481737382571933937568724473847106029915040150784031882206090286938661464458896494215273989547889201144857352611058572236578734319505128042602372864570426550855201448111746579871811249114781674309062693442442368697449970648232621880001709535143047913661432883287150003429802392229361583608686643243349727791976247247948618930423866180410558458272606627111270040091203073580238905303994472202930783207472394578498507764703191288249547659899997131166130259700604433891232298182348403175947450284433411265966789131024573629546048637848902243503970966798589660808533","p":"16328632084933010002384055033805457329601614771185955389739167309086214800406465799038583634953752941675645562182498120750264980492381375579367675648771293800310370964745767014243638518442553823973482995267304044326777047662957480269391322789378384619428596446446984694306187644767462460965622580087564339212631775817895958409016676398975671266179637898557687317076177218843233150695157881061257053019133078545928983562221396313169622475509818442661047018436264806901023966236718367204710755935899013750306107738002364137917426595737403871114187750804346564731250609196846638183903982387884578266136503697493474682071","q":"61329566248342901292543872769978950870633559608669337131139375508370458778917"}
{"g":"2402352677501852209227687703532399932712287657378364916510075318787663274146353219320285676155269678799694668298749389095083896573425601900601068477164491735474137283104610458681314511781646755400527402889846139864532661215055797097162016168270312886432456663834863635782106154918419982534315189740658186868651151358576410138882215396016043228843603930989333662772848406593138406010231675095763777982665103606822406635076697764025346253773085133173495194248967754052573659049492477631475991575198775177711481490920456600205478127054728238140972518639858334115700568353695553423781475582491896050296680037745308460627","p":"20694785691422546401013643657505008064922989295751104097100884787057374219242717401922237254497684338129066633138078958404960054389636289796393038773905722803605973749427671376777618898589872735865049081167099310535867780980030790491654063777173764198678527273474476341835600035698305193144284561701911000786737307333564123971732897913240474578834468260652327974647951137672658693582180046317922073668860052627186363386088796882120769432366149491002923444346373222145884100586421050242120365433561201320481118852408731077014151666200162313177169372189248078507711827842317498073276598828825169183103125680162072880719","q":"78571733251071885079927659812671450121821421258408794611510081919805623223441"}
import hashlib
######################################################################
### Generate p and q according to FIPS 186-4, section A.1.1.2
L = 2048
N = 256
seedlen = 358 # not used
outlen = 256
seed = "Belenios: Verifiable online voting system "
def stringToInt(string):
seq = [ ord(x) for x in string]
res = ZZ(seq, 256)
return res
def intToString(number):
seq = number.digits(base=256)
seq = [ chr(x) for x in seq ]
return reduce(lambda a, b: a + b, seq)
# hash integer to an integer with SHA256
def Hash(number):
string = intToString(number)
return int(hashlib.sha256(string).hexdigest(), 16)
assert seedlen >= N
n = (L/outlen).n().ceiling() - 1
b = L-1-(n*outlen)
count = 0
found = False
while True:
domain_parameter_seed = stringToInt(seed + str(count))
U = Hash(domain_parameter_seed) % 2^(N-1)
q = 2^(N-1) + U + 1 - (U % 2)
count += 1
if q.is_prime():
break
offset = 1
counter = 0
while counter < 4*L:
V = [ Hash(domain_parameter_seed + offset + j) for j in range(0,n+1) ]
W = V[0]
for j in range(1, n):
W += V[j]*2^(outlen*j)
W += (V[n] % 2^b)*2^(n*outlen)
X = W + 2^(L-1)
c = X % (2*q)
p = X - (c-1)
if p > 2^(L-1) and p.is_pseudoprime():
found = True
break
offset = offset + n + 1
counter += 1
if found:
print "p = " + str(p)
print "q = " + str(q)
print "domain_parameter_seed = " + str(domain_parameter_seed)
print "counter = " + str(counter)
else:
print "Not found"
######################################################################
### Generate g according to section A.2.3
index = 0
N = q.nbits()
e = (p-1)//q
count = 1
U = count + 2^16*(index + 2^16*(0x6767656E + 2^32*domain_parameter_seed))
W = Hash(U)
g = int(GF(p, proof=False)(W)^e)
assert g >= 2
print "g = " + str(g)
print "Checking primality of p (not only pseudo-primality), this will take some time..."
assert p.is_prime()
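Review bot: When the `counter < 4*L` search fails, the `else: print "Not found"` branch falls through into the "Generate g" section, which computes and prints g from the last (composite) candidate p via `GF(p, proof=False)`, and only the final `assert p.is_prime()` stops the script; end that branch with `sys.exit(1)` (adding `import sys` next to `import hashlib`) so no g is ever printed for an unverified p. The hashing also departs from FIPS 186-4 A.1.1.2 in ways that prevent independent validation with a conformant tool: `intToString` feeds SHA-256 the little-endian `digits(base=256)` of the integer with no fixed width, `seedlen` is declared "not used" so `domain_parameter_seed + offset + j` is never reduced mod 2^seedlen, and in the A.2.3 part the index field is placed with `2^16*(index + ...)` although the standard's index is 8 bits (only count is 16). These are acceptable as a deterministic construction, but the header should state them, e.g. `# NOTE: byte order and field widths differ from FIPS 186-4; verify p, q, g by re-running this script, not with an A.1.1.3/A.2.4 validator`, since the spec's "based on FIPS 186-4" wording will otherwise lead readers to expect standard validation to reproduce the values. Otherwise the search itself matches A.1.1.2 (n=7, b=255, the W assembly, X = W + 2^(L-1), p = X - (c-1)).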
......@@ -7,7 +7,7 @@
\usepackage{bbm}
\usepackage{hyperref}
\newcommand{\version}{0.1}
\newcommand{\version}{0.2}
\newcommand{\F}{\mathbbm{F}}
\newcommand{\G}{\mathbbm{G}}
......@@ -56,7 +56,7 @@ group operation. For practical purposes, we use a multiplicative
subgroup of $\F^*_p$ (hence, all exponentiations are implicitly done
modulo $p$). We suppose the group parameters are agreed on
beforehand. Default group parameters are given as examples in
section~\ref{default-group} (they are the same as Helios v3).
section~\ref{default-group}.
\section{Parties}
......@@ -566,32 +566,46 @@ verify the tally:
\section{Default group parameters}
\label{default-group}
These parameters have been generated by the \verb=fips.sage= script
(available in Belenios sources), which is itself based on FIPS 186-4.
\[
\begin{array}{lcr}
p&=&20694785691422546\\
&&401013643657505008064922989295751104097100884787057374219242\\
&&717401922237254497684338129066633138078958404960054389636289\\
&&796393038773905722803605973749427671376777618898589872735865\\
&&049081167099310535867780980030790491654063777173764198678527\\
&&273474476341835600035698305193144284561701911000786737307333\\
&&564123971732897913240474578834468260652327974647951137672658\\
&&693582180046317922073668860052627186363386088796882120769432\\
&&366149491002923444346373222145884100586421050242120365433561\\
&&201320481118852408731077014151666200162313177169372189248078\\
&&507711827842317498073276598828825169183103125680162072880719\\
g&=&2402352677501852\\
&&209227687703532399932712287657378364916510075318787663274146\\
&&353219320285676155269678799694668298749389095083896573425601\\
&&900601068477164491735474137283104610458681314511781646755400\\
&&527402889846139864532661215055797097162016168270312886432456\\
&&663834863635782106154918419982534315189740658186868651151358\\
&&576410138882215396016043228843603930989333662772848406593138\\
&&406010231675095763777982665103606822406635076697764025346253\\
&&773085133173495194248967754052573659049492477631475991575198\\
&&775177711481490920456600205478127054728238140972518639858334\\
&&115700568353695553423781475582491896050296680037745308460627\\
q&=&78571733251071885\\
&&079927659812671450121821421258408794611510081919805623223441
\end{array}
\]
The additional output of the generation algorithm is:
\[
\begin{array}{lcr}
p&=&16328632084933010\\
&&002384055033805457329601614771185955389739167309086214800406\\
&&465799038583634953752941675645562182498120750264980492381375\\
&&579367675648771293800310370964745767014243638518442553823973\\
&&482995267304044326777047662957480269391322789378384619428596\\
&&446446984694306187644767462460965622580087564339212631775817\\
&&895958409016676398975671266179637898557687317076177218843233\\
&&150695157881061257053019133078545928983562221396313169622475\\
&&509818442661047018436264806901023966236718367204710755935899\\
&&013750306107738002364137917426595737403871114187750804346564\\
&&731250609196846638183903982387884578266136503697493474682071\\
g&=&14887492224963187\\
&&634282421537186040801304008017743492304481737382571933937568\\
&&724473847106029915040150784031882206090286938661464458896494\\
&&215273989547889201144857352611058572236578734319505128042602\\
&&372864570426550855201448111746579871811249114781674309062693\\
&&442442368697449970648232621880001709535143047913661432883287\\
&&150003429802392229361583608686643243349727791976247247948618\\
&&930423866180410558458272606627111270040091203073580238905303\\
&&994472202930783207472394578498507764703191288249547659899997\\
&&131166130259700604433891232298182348403175947450284433411265\\
&&966789131024573629546048637848902243503970966798589660808533\\
q&=&61329566248342901\\
&&292543872769978950870633559608669337131139375508370458778917
\texttt{domain\_parameter\_seed}&=&478953892617249466\\
&&166106476098847626563138168027\\
&&716882488732447198349000396592\\
&&020632875172724552145560167746\\
\texttt{counter}&=&109
\end{array}
\]
......
......@@ -31,7 +31,7 @@
</div>
<div>
Group parameters:
<div><textarea id="election_group" rows="1" cols="80">{"g":"14887492224963187634282421537186040801304008017743492304481737382571933937568724473847106029915040150784031882206090286938661464458896494215273989547889201144857352611058572236578734319505128042602372864570426550855201448111746579871811249114781674309062693442442368697449970648232621880001709535143047913661432883287150003429802392229361583608686643243349727791976247247948618930423866180410558458272606627111270040091203073580238905303994472202930783207472394578498507764703191288249547659899997131166130259700604433891232298182348403175947450284433411265966789131024573629546048637848902243503970966798589660808533","p":"16328632084933010002384055033805457329601614771185955389739167309086214800406465799038583634953752941675645562182498120750264980492381375579367675648771293800310370964745767014243638518442553823973482995267304044326777047662957480269391322789378384619428596446446984694306187644767462460965622580087564339212631775817895958409016676398975671266179637898557687317076177218843233150695157881061257053019133078545928983562221396313169622475509818442661047018436264806901023966236718367204710755935899013750306107738002364137917426595737403871114187750804346564731250609196846638183903982387884578266136503697493474682071","q":"61329566248342901292543872769978950870633559608669337131139375508370458778917"}</textarea></div>
<div><textarea id="election_group" rows="1" cols="80">{"g":"2402352677501852209227687703532399932712287657378364916510075318787663274146353219320285676155269678799694668298749389095083896573425601900601068477164491735474137283104610458681314511781646755400527402889846139864532661215055797097162016168270312886432456663834863635782106154918419982534315189740658186868651151358576410138882215396016043228843603930989333662772848406593138406010231675095763777982665103606822406635076697764025346253773085133173495194248967754052573659049492477631475991575198775177711481490920456600205478127054728238140972518639858334115700568353695553423781475582491896050296680037745308460627","p":"20694785691422546401013643657505008064922989295751104097100884787057374219242717401922237254497684338129066633138078958404960054389636289796393038773905722803605973749427671376777618898589872735865049081167099310535867780980030790491654063777173764198678527273474476341835600035698305193144284561701911000786737307333564123971732897913240474578834468260652327974647951137672658693582180046317922073668860052627186363386088796882120769432366149491002923444346373222145884100586421050242120365433561201320481118852408731077014151666200162313177169372189248078507711827842317498073276598828825169183103125680162072880719","q":"78571733251071885079927659812671450121821421258408794611510081919805623223441"}</textarea></div>
</div>
</div>
</div>
......
......@@ -342,7 +342,7 @@ let create_new_election owner cred auth =
} in
let se = {
se_owner = owner;
se_group = "{\"g\":\"14887492224963187634282421537186040801304008017743492304481737382571933937568724473847106029915040150784031882206090286938661464458896494215273989547889201144857352611058572236578734319505128042602372864570426550855201448111746579871811249114781674309062693442442368697449970648232621880001709535143047913661432883287150003429802392229361583608686643243349727791976247247948618930423866180410558458272606627111270040091203073580238905303994472202930783207472394578498507764703191288249547659899997131166130259700604433891232298182348403175947450284433411265966789131024573629546048637848902243503970966798589660808533\",\"p\":\"16328632084933010002384055033805457329601614771185955389739167309086214800406465799038583634953752941675645562182498120750264980492381375579367675648771293800310370964745767014243638518442553823973482995267304044326777047662957480269391322789378384619428596446446984694306187644767462460965622580087564339212631775817895958409016676398975671266179637898557687317076177218843233150695157881061257053019133078545928983562221396313169622475509818442661047018436264806901023966236718367204710755935899013750306107738002364137917426595737403871114187750804346564731250609196846638183903982387884578266136503697493474682071\",\"q\":\"61329566248342901292543872769978950870633559608669337131139375508370458778917\"}";
se_group = "{\"g\":\"2402352677501852209227687703532399932712287657378364916510075318787663274146353219320285676155269678799694668298749389095083896573425601900601068477164491735474137283104610458681314511781646755400527402889846139864532661215055797097162016168270312886432456663834863635782106154918419982534315189740658186868651151358576410138882215396016043228843603930989333662772848406593138406010231675095763777982665103606822406635076697764025346253773085133173495194248967754052573659049492477631475991575198775177711481490920456600205478127054728238140972518639858334115700568353695553423781475582491896050296680037745308460627\",\"p\":\"20694785691422546401013643657505008064922989295751104097100884787057374219242717401922237254497684338129066633138078958404960054389636289796393038773905722803605973749427671376777618898589872735865049081167099310535867780980030790491654063777173764198678527273474476341835600035698305193144284561701911000786737307333564123971732897913240474578834468260652327974647951137672658693582180046317922073668860052627186363386088796882120769432366149491002923444346373222145884100586421050242120365433561201320481118852408731077014151666200162313177169372189248078507711827842317498073276598828825169183103125680162072880719\",\"q\":\"78571733251071885079927659812671450121821421258408794611510081919805623223441\"}"; (* generated by fips.sage *)
se_voters = [];
se_questions;
se_public_keys = [];
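Review bot: The new `se_group` line hard-codes the 2048-bit parameters as a JSON string literal, and the same values are duplicated verbatim in the `election_group` textarea and in the default-parameters JSON file elsewhere in this commit, so the next change has to touch all three and a mismatch would be silent. Consider loading the default from the JSON file (or one OCaml constant) and having the page template and this function reference it, so there is a single place to compare against the spec. The `(* generated by fips.sage *)` comment would be more useful if it also recorded the `domain_parameter_seed` and `counter` the spec reports, so a reader can regenerate and compare without opening the spec. Since the same field is user-editable through the textarea, it is worth confirming (outside this hunk) that the parsed parameters are validated before use (q prime, q | p-1, g ≠ 1, g^q = 1). The enclosing `let create_new_election` starts outside the hunk.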
......